• Home
  • blog
  • Editorial: Are We Heading for Package Manager Fatigue?

Editorial: Are We Heading for Package Manager Fatigue?

Facebook has made a big splash this past week with the announcement of its new JavaScript package manager, Yarn. Your initial reaction may be similar to mine when I first heard this: isn’t another package manager the last thing we need?! It seemed that, despite the upheaval of a seemingly never-ending parade of new frameworks, the JavaScript community had at least settled on npm as the defacto package manager.

But wait, before you take to Twitter or your blog to decry package manager fatigue, Yarn is actually not that bad. For a start, Yarn is not a new package repository: it’s more of a drop-in replacement for the npm client, designed to improve upon some of npm’s shortcomings. As an added bonus, not only does it work with npm packages, it also supports Bower! Change to a project folder with either a package.json or a bower.json file, run yarn, and you’re in business.

“OK, but I don’t use Bower, so why would I change to Yarn?” I hear you ask. Well, the Yarn team built it to address issues with speed, reliability, and security that they have had when using npm on projects internally at Facebook. To achieve this, Yarn generates a lockfile which helps it to keep track of exactly how each dependency is resolved.

One of the benefits of the lockfile is a speedup of install times. I’ve seen some differing accounts so far on just how much difference it makes (and in some cases, whether it makes a difference at all) but there are some very interesting comparisons between Yarn and npm here. One of the other things Yarn does differently is to keep a cache of downloaded packages, making reinstalls blazingly fast. It also means they can be done offline.

Continue reading %Editorial: Are We Heading for Package Manager Fatigue?%